Wireshark mailing list archives
Re: tcpdump with snaplen set to 128
From: Perry Smith <pedzsan () gmail com>
Date: Thu, 18 Oct 2012 17:23:16 -0500
On Oct 16, 2012, at 8:18 PM, Guy Harris wrote:
The problem is with -B and without -T - either 1) iptrace format has a place to put the "length" (before slicing), and Wireshark doesn't yet know where it is or 2) iptrace format has no place to put the "length" (before slicing).
I am fairly sure it is #2. I'm fairly sure packet_trace_header is the structure (in aixif/net_if.h) I'm all set to open a bug report but I don't see the point unless someone just wants to look. I have two data files ready to upload. One is an aix iptrace with -B -S 128 without -T and the other is a tcpdump taken on a Mac with -s 128 of a single ftp get to the Mac of a 1 meg file. Thank you for your time, Perry Smith ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- tcpdump with snaplen set to 128 Perry Smith (Oct 15)
- Re: tcpdump with snaplen set to 128 Guy Harris (Oct 15)
- Re: tcpdump with snaplen set to 128 Perry Smith (Oct 15)
- Re: tcpdump with snaplen set to 128 Guy Harris (Oct 15)
- Re: tcpdump with snaplen set to 128 Perry Smith (Oct 15)
- Re: tcpdump with snaplen set to 128 Guy Harris (Oct 15)
- Re: tcpdump with snaplen set to 128 Perry Smith (Oct 15)
- Re: tcpdump with snaplen set to 128 Guy Harris (Oct 15)
- Re: tcpdump with snaplen set to 128 Perry Smith (Oct 16)
- Re: tcpdump with snaplen set to 128 Guy Harris (Oct 16)
- Re: tcpdump with snaplen set to 128 Perry Smith (Oct 18)
- Re: tcpdump with snaplen set to 128 Perry Smith (Oct 15)
- Re: tcpdump with snaplen set to 128 Guy Harris (Oct 15)